Troubleshoot Virtual Private Networks (VPNs)

As with the previous section, troubleshooting VPNs is mostly checking the log to see where there may be a configuration issue. There are also a few commands you can run to check the service status and information.

To check the service status run the following commands (depending on if its IPSEc or sslvpn-plus)

vShield-edge-1-0> show service sslvpn-plus
vShield-edge-1-0> show service ipsec

To check the log, SSH into the NSX Edge device and run the following command. You will be looking for entries that show ipsec, F_L2VPN, or sslvpn I have shown examples of each below.

The logs should be able to give you enough information to determine where your mismatch is, or you can always go through and double check your configuration to make sure that you didn’t configure something incorrectly on accident.

To go through the configuration of each of the VPNs, please see the following links.